Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add modsecurity module #1498

Merged
merged 3 commits into from
Oct 10, 2017
Merged

Add modsecurity module #1498

merged 3 commits into from
Oct 10, 2017

Conversation

aledbf
Copy link
Member

@aledbf aledbf commented Oct 8, 2017

What this PR does / why we need it:

This PR adds the ModSecurity-nginx module to the nginx-slim image.

@k8s-ci-robot k8s-ci-robot added do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. labels Oct 8, 2017
@k8s-reviewable
Copy link

This change is Reviewable

@k8s-ci-robot k8s-ci-robot added the size/M Denotes a PR that changes 30-99 lines, ignoring generated files. label Oct 8, 2017
@k8s-ci-robot k8s-ci-robot added size/L Denotes a PR that changes 100-499 lines, ignoring generated files. and removed size/M Denotes a PR that changes 30-99 lines, ignoring generated files. labels Oct 8, 2017
@coveralls
Copy link

Coverage Status

Coverage remained the same at 33.582% when pulling 3f19664f10c7ecb0b3aaaadd3ef09406a63c9be8 on aledbf:nginx-modsecurity3 into c873ef6 on kubernetes:master.

@k8s-ci-robot k8s-ci-robot added size/M Denotes a PR that changes 30-99 lines, ignoring generated files. and removed size/L Denotes a PR that changes 100-499 lines, ignoring generated files. labels Oct 8, 2017
@coveralls
Copy link

Coverage Status

Coverage decreased (-0.04%) to 33.544% when pulling b44fe5605d4c349f3dcdddded44ba0f74d18fc03 on aledbf:nginx-modsecurity3 into c873ef6 on kubernetes:master.

@coveralls
Copy link

Coverage Status

Coverage remained the same at 33.582% when pulling b44fe5605d4c349f3dcdddded44ba0f74d18fc03 on aledbf:nginx-modsecurity3 into c873ef6 on kubernetes:master.

@k8s-ci-robot k8s-ci-robot added size/L Denotes a PR that changes 100-499 lines, ignoring generated files. and removed size/M Denotes a PR that changes 30-99 lines, ignoring generated files. labels Oct 10, 2017
@coveralls
Copy link

Coverage Status

Coverage remained the same at 33.492% when pulling 0447484db4dbcc9d87dc28fce05ea88555c64d95 on aledbf:nginx-modsecurity3 into 63155ee on kubernetes:master.

@coveralls
Copy link

Coverage Status

Coverage remained the same at 33.492% when pulling a03d6ebbb74efe836f5a52a6456ce9a992c57c65 on aledbf:nginx-modsecurity3 into 63155ee on kubernetes:master.

@coveralls
Copy link

Coverage Status

Coverage remained the same at 33.492% when pulling 2d23c5120bd7b689a597f0697da160647550510c on aledbf:nginx-modsecurity3 into 63155ee on kubernetes:master.

@coveralls
Copy link

Coverage Status

Coverage remained the same at 33.492% when pulling a9a22b0 on aledbf:nginx-modsecurity3 into 63155ee on kubernetes:master.

rikatz
rikatz reviewed Oct 10, 2017
View reviewed changes
images/nginx-slim/build.sh Outdated
--add-module=$BUILD_PATH/nginx-opentracing-$NGINX_OPENTRACING"

if [[ ${ARCH} == "x86_64" ]]; then
WITH_MODULES+=" --add-module=$BUILD_PATH/ModSecurity-nginx-$MODSECURITY"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@aledbf I would only like to ask if that's possible for us to use --add-dynamic-module instead of --add-module, so NGINX creates a .so file, that could be loaded in runtime, allowing us to load this module only if the user want's this :)

Here are some examples, this is supported in NGINX community since version 1.9.11 and may use an absolute path.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

done

@coveralls
Copy link

Coverage Status

Coverage remained the same at 33.492% when pulling b038e7a on aledbf:nginx-modsecurity3 into 63155ee on kubernetes:master.

@aledbf aledbf changed the title WIP Add modsecurity module Add modsecurity module Oct 10, 2017
@k8s-ci-robot k8s-ci-robot removed the do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. label Oct 10, 2017
@coveralls
Copy link

Coverage Status

Coverage remained the same at 33.492% when pulling 98e4661 on aledbf:nginx-modsecurity3 into 63155ee on kubernetes:master.

@aledbf
Copy link
Member Author

aledbf commented Oct 10, 2017

@nicksardo please merge and publish. Thanks!

@nicksardo nicksardo merged commit 12392b7 into kubernetes:master Oct 10, 2017
@aledbf aledbf deleted the nginx-modsecurity3 branch October 10, 2017 22:33
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rikatz rikatz rikatz left review comments

Assignees

@nicksardo nicksardo

Labels
cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. size/L Denotes a PR that changes 100-499 lines, ignoring generated files.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@aledbf @k8s-reviewable @coveralls @rikatz @nicksardo @k8s-ci-robot